High severity8.1NVD Advisory· Published Feb 12, 2021· Updated Jun 17, 2026
CVE-2021-27197
CVE-2021-27197
Description
DSUtility.dll in Pelco Digital Sentry Server before 7.19.67 has an arbitrary file write vulnerability. The AppendToTextFile method doesn't check if it's being called from the application or from a malicious user. The vulnerability is triggered when a remote attacker crafts an HTML page (e.g., with "OBJECT classid=" and "") to overwrite arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Pelco/Digital Sentry Serverdescription
- Range: <7.19.67
- Range: <7.19.67
Patches
Vulnerability mechanics
References
2- github.com/vitorespf/Advisories/blob/master/Pelco_Digital_Sentry_Server_AFW.txtnvdExploitThird Party Advisory
- support.pelco.com/s/article/What-is-the-Digital-Sentry-software-release-revision-historynvdRelease NotesVendor Advisory
News mentions
0No linked articles in our index yet.